JobTarget Logo

Sr. Software Engineer, Sensor - Anti-Tampering/SSP (Hybrid) in Sunnyvale, California at CrowdStrike, Inc.

NewSalary: $140000 - $215000Job Function: Information Technology
CrowdStrike, Inc.
Sunnyvale, California, 94085, United States
Posted on
New job! Apply early to increase your chances of getting hired.

Explore Related Opportunities

Job Description

CrowdStrike, Inc.

Full time

R29408

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're proud to work for a mission-driven company leveraging AI to transform the way we work. CrowdStrikers drive their careers through flexibility and autonomy while also being expected to contribute to a culture of responsible AI adoption, experimentation, and innovation. We use an AI-first mindset as a force multiplier to proactively and continuously accelerate execution, build expertise, uncover insights, and solve complex problems. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.


About the Role:
CrowdStrike's Sensor Security Platform (SSP) team is building up a dedicated Sensor Anti-Tampering engineering team to protect the Falcon sensor against adversary subversion. The Falcon sensor runs on millions of endpoints — and is a high-value target for sophisticated threat actors who seek to disable, evade, or degrade endpoint protection as a precursor to their attacks.

This role exists at the intersection of offense and defense: you will think like an adversary to protect one of the world's most widely deployed security agents. You will design and implement tamper-resistance, tamper-detection, and tamper-response capabilities that ensure the Falcon sensor remains operational and trustworthy — even when an attacker has elevated privileges on the endpoint.

The Anti-Tampering domain spans all major OS platforms: Windows, macOS, Linux. While no single engineer is expected to be expert across all platforms, you will bring deep OS and systems expertise on at least one, and develop cross-platform perspective as part of the team.

What You'll Do:

  • Design, implement and own sensor anti-tampering capabilities — including tamper prevention, tamper detection, and tamper response mechanisms

  • Collaborate with CrowdStrike's adversary intelligence, red team, and product security groups to stay ahead of emerging anti-EDR tradecraft

  • Partner with our threat analysts to understand adversary techniques targeting EDR agents (e.g. unhooking, driver manipulation, process termination, credential abuse, policy subversion) and develop mitigations against them

  • Reason about and enumerate the sensor's attack surface on your platform(s) of expertise, identifying gaps in tamper-resistance coverage

  • Contribute to cross-platform anti-tampering architecture — ensuring consistency of guarantees while respecting platform-specific realities

  • Write code in C/C++ and in CrowdStrike's internal domain-specific languages (you will be trained in the DSL; it is event-driven, asynchronous, and used extensively in the sensor's detection and response logic)

  • Write unit, functional and integration tests — including adversarial test cases that simulate tamper attempts

  • Participate in security design reviews for new sensor features, advising on tamper-resistance implications

  • Diagnose and respond to production escalations related to sensor tampering — including ProdSec and customer-reported issues


What You'll Need:

  • Deep systems programming expertise on at least one major platform (Windows, macOS, or Linux) — particularly in areas relevant to security agent protection: kernel interfaces, driver frameworks, process/memory protection, system service architecture

  • Ability to reason adversarially: understand how an attacker with local admin or root privileges would attempt to disable or evade a security agent, and design defenses accordingly

  • Strong C/C++ skills and comfort working in large, complex codebases

  • Ability to design and implement solutions that are both security-hardened and production-safe (anti-tampering must not compromise system stability)

  • Ability to reason about, describe, and communicate the security properties and assumptions of complex systems

  • Experience shipping security-critical software where correctness and reliability are non-negotiable

  • Ability to work effectively in a distributed, cross-timezone team with complex subject matter expertise

  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.


Bonus Points:

  • Direct experience with anti-tampering, self-protection, or agent-hardening at another EDR/endpoint security company

  • Experience with Windows kernel development (minifilters, callbacks, protected processes, Secure Boot/ELAM, ETW)

  • Experience with macOS system extensions, endpoint security framework, or kext development

  • Experience with Linux security modules, eBPF, or kernel module development

  • Reverse engineering or vulnerability research background

  • Red team or offensive security experience (understanding attacker tooling that targets EDR)

  • Familiarity with hypervisor-level security or ESXi agent architecture

#LI-CW1

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs

  • Competitive vacation and holidays for recharge

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $140,000 - $215,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here.

Job Location

Sunnyvale, California, 94085, United States

Frequently asked questions about this position

Similar Jobs In Sunnyvale, California

Hot Job

Manufacturing Engineer L2

Delphon Industries, LLC dba Gel-Pak
Hayward, California

Director of Manufacturing and Quality

Bolt Graphics
Sunnyvale, California

ASIC Diagnostic & Silicon Bring-Up Engineer

Eridu Corporation
Saratoga, California
New

Engineer II, Threat Detection - Windows (Hybrid)

CrowdStrike, Inc.
Sunnyvale, California

QC Inspector 2 - AOI - Swing Shift

Unigen
Newark, California
Continue to apply
Enter your email to continue. You’ll be redirected to the employer’s application.
By clicking Continue, you understand and agree to JobTarget's Terms of Use and Privacy Policy.